In a message dated 10/10/2003 17:59:48 GMT Daylight Time, JBoyer@PureEdge.com
writes:
> Hi John and Andrew,
>
> <snip/>
>
> As to Andrew's point about Microsoft InfoPath, you may with
> significant effort be able to create a basic signature for a
> form that meets the requirements described in our WWW8 paper
> from 1999, but this is 2003 and you will need XFDL to handle
> many of signing scenarios that arise in practice and that are
> of greater interest to the security communities at RSA and the ACM.
John,
I would like to follow up on some other points you made but don't have time
to do that at the moment. Hopefully I will over the weekend.
Can I attempt to distill your final paragraph into a take home message?
Is it accurate to conclude that InfoPath currently implements some of your
1999 suggestions and that XForms implements none of them?
Is that an accurate statement of the position today?
I appreciate that you have hopes of better things for the future but that is
one of the issues I would like to explore further later.
Secondly, can you state which non-basic signing scenarios you have tested in
InfoPath 2003 which work and which signing scenarios you have tested in
InfoPath 2003 which don't work? Alternatively, were your comments about creating a
"basic signature" in InfoPath ... and the hints of difficulty and/or inadequacy
... more by way of a general comment than specific testing? Can you clarify
what you mean in that context by a "basic signature"?
I am trying to lead you to firm up comments which are capable of more than
one interpretation.
Thanks
Andrew Watt